LINUX Unplugged - 288: We're Gonna Need a Bigger Repo
Episode Date: February 13, 2019The hype around a new security flaw hits new levels. Fedora has a bunch of news, and we discover what's new in the latest Plasma release. Plus we fall down the openSUSE rabbit hole when Ell updates us... on her desktop challenge. Special Guests: Alan Pope, Brent Gervais, Danielle Foré, Ell Marquez, Martin Wimpress, and Neal Gompa.
Transcript
Discussion (0)
This is Linux Unplugged, Episode 288 for February 12th, 2019.
Well, hello there and welcome into your weekly Linux talk show, Episode 288.
If you can believe that mess.
My name is Chris.
My name is Wes.
Hello, Mr. Payne.
We have a really fun show today.
We have a tidy batch of community news, then we'll go over to the security corner and bust
one of the biggest hype crazes around container security that I've seen all year.
It's amazing. Plus this great handy piece of malware that does
you a super solid and it cleans up all the other malware, deletes all the other crap off your
system. So that way it can fully own your box. We'll tell you about that script that is hitting
Linux boxes right now. And it's just hilarious. Anyways, it's just so funny. I'll tell you more about it then. After that, we'll have
a moment with Fedora in the corner. There's a lot of Fedora news this week. Plus, we'll visit with
Elle, who's been trying out OpenSUSE as part of the OpenSUSE challenge that Jason's been putting
on. We'll check in with her, see if she's hit any snags, see if she has anything to report back that
might be interesting to us.
And it just happens to be
Wes and I also installed it last night
so we could give it a go a little bit.
So we'd have a little bit to talk about there too.
We'll wrap it all up with pics.
But before we can get into any of that,
it is our duty at this moment in time
in the show to bring in that virtual lug.
Time appropriate greetings, Mumble Room.
Hello.
Hello.
Greetings. Hello, everyone. Aloha. Hello. show to bring in that virtual lug time appropriate greetings mumble room hello hello greetings hello everyone aloha hello okay can i get your uh can i get your hot take guys on uh the open susa bell
that i i have i've got a bell right here so i'm holding it right here in my hand i got it for open
susa first this is the first ding on the show i'd like to hear your thoughts are you ready
your thoughts. Are you ready?
That is a little lapel. Are you sitting on it?
What the hell?
No, I'm not. I'm sorry.
Alright, so maybe
we won't be using the open sousa.
Yeah, that's pretty bad. What do you think, Wes? That's pretty bad,
isn't it? Well, I mean, so we've got the original
bell, and maybe that, I don't know, what
distro is this bell associated with?
That's the arch bell.
That's the arch bell, yeah.
Pure, clean as the driven snow.
And then here's the fedora bell.
You hear that one?
There's the fedora bell right there.
Yeah, and then I have the Ubuntu bell.
All right, guys.
Well, we're not here today to talk about bells,
although it's all that's really on my mind. I thought we'd do a little community news to get things rolling. This first story is, you could look at it in two ways,
actually. Kind of run-of-the-mill boring, or it is the great march of progress of open source
desktops. I choose the latter, my friends. I am talking about the new release of Plasma 5.15.
There's a lot in this release, always, but now as a seasoned Plasma
user, I thought I'd pull out a few of my favorites in here and we'd talk about them. Number one being
that Discover has a whole bunch of improvements and fixes. Wes, do you mind just jumping ahead
and listing off what some of those Discover fixes are there about midway on the page?
Oh, yeah.
And, you know, just between you and me and I guess everyone else listening to this, it kind of needed some of these fixes.
Like distribution repository management is just a lot more practical and actually usable, especially if maybe you're running something like Neon and it's an Ubuntu-based distro.
and it's an Ubuntu-based distro.
Also, when you're performing a search from the featured page,
Discover now only returns apps in the search results,
which kind of makes sense as a basic feature.
Add-ons will appear in search results only when a search is initiated from the add-on section.
So it's a little smarter about figuring out
what are you actually searching for.
Yeah, that's nice.
Here's where it also gets important.
Handling and presentation of errors arising from misconfigured add-on repos has also been improved.
And I've run into that one before.
And the previous error message, it just didn't explain what was going on.
And it was one of those things that often made me say, maybe I won't use Discover.
Yeah.
Yeah, well, I think we'll be talking more about that there in the show later on.
Those are all pretty good.
I think those deserve an open Sousa Ding.
So there we go.
We have that.
They also updated the What's New section.
Basically, it just doesn't display anything
if there's nothing to show.
I think a great idea.
There's a few other minor things in here,
like displaying things in your local time and date,
which is also nice to see,
and including notifications
when there is an upgrade
to your distro. So in the pop-up notification for updates, it will now in there mention there is a
whole new distro ready for you. But for me, the things that I like a lot is virtual desktop.
The settings for that have been greatly improved and rewritten to support Wayland.
And along the sort of integration lines and the future of the desktop,
integration modules such as XDG Desktop Portal, KDE, and Plasma Integration now support the
Settings Portal. So what that means is sandboxed Flatpak and Snap applications will respect your
Plasma configuration, including fonts, icons, widget themes themes and color schemes without requiring
read permissions to the kde global configuration file did i get that right poppy as far as you know
i have no idea what you're talking about i do okay okay wimpy did i get that right as far as
you know about yes you did get that right good yeah that Yeah, that's huge, isn't it? That seems like a pretty big step forward for Sandbox.
Yeah, it's not just KDE.
It's KDE and GTK using desktop environments as well.
Right, these are actually XDG, two different components, actually,
two different parts, and one is XDG Desktop Portal KDE.
So I would assume there is one that's XDdg desktop portal gtk or gnome or whatever well yeah the the standard portals are
gtk stroke gnome ah i see that makes sense that i i follow and then i love this one last feature
i'll call out here is the network management applet has gotten support for firing up WireGuard
VPNs.
And you can go to the main settings area and actually add a WireGuard VPN connection.
Nice.
See, that should get a real ding.
Yeah, that is.
I'm using WireGuard right now to do this show.
I just love it.
I just, I love it.
And so getting it built into my desktop environment is choice.
So it's a really solid update.
Updates to the breeze icons, updates to GTK application integration.
I mean, a bunch of really good updates across the board.
This is one of the things that we've been saying about Plasma for a while now is if it's your type of desktop, it's just consistently getting better and better over time.
Solid progress where if you've been using it for a
year or so, there's been rough edges that are now gone and they just continue down that trajectory.
Elle, I'm curious to know your initial take on Plasma having come from elementary,
and I think you predominantly use GTK GNOME desktops in the past. So what's your first
takes on Plasma having used it in a week or two?
I'm on week two. And honestly, once I'm able to take a step back from the troubleshooting
and actually get to play with the environment, I very much have enjoyed it.
One of the interesting things that happened to me was using KDE Plasma was the KDE wallet
popping up right away, not letting me go into my environment. So I think I was
blaming certain issues on others. So it's been interesting to try to learn distinctions between
what's KDE, what's Plasma, what's GNOME, what's actually OpenSUSE. It's been a little overwhelming.
Yeah, that actually is a great example of the wallet because when the wallet comes up,
it's like, hey, do you want to use Blowfish or do you want to use GPG, which is way better?
But then if you choose GPG, it's like, oh, sorry,
you don't have all this stuff you need installed.
And you're just stuck in like a, for, you know,
what it seems to be a broken loop.
And yeah, that is very confusing.
Same, you'll find the same thing when it comes to dealing with sound.
Plasma, it's the same kind of thing.
But I have to wonder, Dan, if every now and then,
as a team, Elementary doesn't look at what Plasma is doing and going, is there a way down the road we could integrate something like that into Pantheon and maybe smooth out some of the rougher edges?
Do a little bit different of an implementation, but some inspiration maybe from Plasma from time to time? for what other people are doing and what trends are and features that users are finding useful
and where we can look at our competitors, so to speak,
and see what gaps need to be filled.
It's fair enough.
Got to keep out.
Got to keep an eye out.
I follow you.
I follow you.
I'm living in Pantheon right now, so that's where my head's at.
It's been, Dan, why no minimize button, Dan?
Why no minimize button?
I mean, you're killing me with the no minimize button dan why no minimize button i mean you're
killing me with the no minimize here you're killing me i'm an animal that needs his minimize button
so this is something that um like several years ago we were looking at window controls
that uh we decided to ditch the minimize button um because we're trying to kind of think about like, okay, if we get rid of all of our
assumptions about how window management works, and just think through like, if we're designing
this for the first time, like what conclusions would we come to? That's a weird concept, isn't
it? Yeah. And something we thought about minimize was that to a user that has never used floating
window management before, which a lot of them are now,
right? Because we have kids that are using iPads and cell phones and things like that, right? So
floating windows is weird as far as people learning computers for the first time. And the distinction
between minimize and close is pretty weird too. Like both of the things visually make the window go away.
And sometimes one of them makes it run in the background.
But then there's a lot of apps where when you close it, it's actually still running in the background.
So there's not really any clear technical distinction between why minimize and close are two different buttons, because the result kind of depends on the developer's implementation anyway.
buttons because the result kind of depends on the developer's implementation anyway.
So why even do all that stuff? And why not just have one button that gets rid of the window and then whatever the developer decides to do, whether that's actually quitting the app or
running in the background, that's what they're going to do anyway. You know, might as well get
there. Yeah. I, I, that's what I like about it actually, is that you guys think about it,
you make an opinion, you're going a direction, and you're committed to that idea.
And you're willing to try things that other distros or desktops aren't.
I know on GNOME, you know, a lot of people get away with GNOME Minimize.
On GNOME Shell, just fine, too.
But for me, I feel like maybe I've reached a point where because I've had it so long.
You're just too old, Chris.
That's it.
I am.
I'm an old dog now.
But also just because I've come up with ways of workflow that work really well for me.
That's kind of like why I like to have it.
But I am trying it.
I basically just end up using multiple workspaces.
And that actually, that does fine too.
I think with the seriousness of our next story, we may need some faith healers.
We have to take a moment right now in the show and cover the breaking news.
This is CNN Breaking News.
SJVN writing for ZDNet in their Linux and open source category.
The topic security doomsday Docker security hole has been uncovered.
A security vulnerability has been disclosed for a flaw in run C and everyone is doomed.
You have to immediately patch. It is a total disaster. Doomsday scenario, SJVN says. Well,
at least CDNet editors do. But what's really happened is actually the
exact opposite. Not only is it not a doomsday scenario, but it is an example of a success story
for Linux security and a living production example of why a belt and suspenders approach
to your security in a production server environment is critical.
It bears all that out right here. But of course, that's not, that's weird. You know, let's give
the old bell here to SJVN. You're in that one. Now, a security vulnerability affecting a key
component of the larger container ecosystem has been discovered that can be exploited to give an attacker root access to a host operating system.
So there is an underlying issue here.
But there is some good news, right, Wes?
Yeah, you know, there is some good news.
So first of all, you're going to need to have a specific sort of compromised image, malicious image in the first place to do this.
And in a lot of environments, that's just not going to happen.
Now, the downside here is, as we've talked about on many JP shows,
Docker Hub's not always the best place to trust.
So if you haven't been following good practices with where you get your images from,
you might have a problem, but it does actually require you doing something.
It's not just going to happen randomly.
There's also several mitigating factors in how the host or containers are run
and how SC Linux might be
configured on the box, right? Oh, yes. And don't you just know Red Hat was happy to point that out
right away that if you do have their standard setup with SC Linux in enforcing mode, this wasn't
actually going to affect you. And the other thing here that we should note too is if you are using
some of the runtimes and most runtimes were affected by this, surprisingly.
It's not just Run-C.
Run-C is the little core of Docker
that actually does all the talking to the kernel,
makes all the namespaces, handles talking to C groups,
sets everything up for you.
LXC, also vulnerable.
And the way it worked out is you can be really clever about it
and involve some timing stuff and getting it just right,
but you can actually, from inside the container, replace Run-C, the executable, outside the container. So
once you've done that, obviously Run-C is running with, it's usually set UID and it's got root
permission. So that's your box owned right there. All right. And in that particular scenario, so
you've gotten a bad container image and you're putting that bad
container image onto your production server without checking it. And you are running with
SELinux disabled in a production server environment or AppArmor. And your namespace is running as root,
right? Because there is the possibility that these namespaces could be running with user privileges.
Yeah, exactly. So there are ways that you could mitigate this, and if you're not
using that functionality, you're still vulnerable.
Docker itself, Upstream
and Mobi really only recently
got enough stuff landed that would
have fully mitigated this, but
Run-C underline that does have the
capability. So if you've understood
really what's happening, if you've set things up with
defense and depth and multiple layers, then
it's something you need to patch, but it's not, you know, don't go pulling your hair out right
now and setting the whole data center on fire. The way the Red Hat security engineer explained
it is I've been calling SELinux the spare tire here. I would drive around on a spare tire for
three days, a week maybe, but I wouldn't drive around on a spare tire for a year. The good part
about SELinux secondary control is that it buys you time to patch before you get exploited.
That's true for AppArmor 2 and other access control lists.
But on top of that, I think the thing to make sure I'm clear on
is it is best practice in production now.
I grant you it is a recent best practice on Linux,
but it is best practice now on Linux
to run the namespaces that
your containers are in with user-level accounts, not as root, correct? So it's been somewhat of a
complicated history. User namespaces have been around for a while, but it's been a long time
coming that they're actually seeing a whole bunch of use. And part of that was because it's a hard
thing to really get right. And there have been several prominent vulnerabilities as a relation of us, the kernel community,
getting those wrong.
But it's been around for a long time now.
And as we see with this vulnerability,
not having the root from the host system
mapped into the container,
that's really good.
And it can prevent a lot of the things.
And yes, we have other tools.
Yes, we have SCLinux.
Yes, there's capabilities that
you can do. There's all kinds of additional techniques to secure containers. And you
should probably be using all kinds and mixing and matching from those things. But user namespaces
is just a technology that it's time has come to be used. We don't need to disable it in kernels
anymore. You don't really need to be worried about it. Of course, there might be future bugs. That's
always going to be true. And that's why you just need to make sure you update regularly and use all the security features you can. Yeah. And it,
to me, it illustrates what a chicken shit operation ZDNet is because SJVN can write this
piece that even in the piece talks about how RHEL by default isn't vulnerable to this and other
distributions are not by default vulnerable to this. And the piece even stipulates that you have to use a pre-infected container that you pull down on your production
system. Even with all of that in the article, they still run it with doomsday scenario for
containers, a doomsday scenario for Docker. And the reason why you know that they are a worthless
publication that makes no impact in the public discourse is because just
reimagine this scenario if the New York Times or the Wall Street Journal or Ars Technica or Tech
Crunch ran a headline like that. That would actually damage the Docker brand. Like the
company that runs Docker would be in PR crisis mode right now. But when ZDNet does it, it's no big deal.
I still call him out for it
because, in my opinion,
it's crap journalism
that damages open source.
And SJVN should know better,
and he should have the clout
at ZDNet to go to them and say,
don't put a piece of shit headline
like that on my article.
Because this is an example
of why running Linux in production
is a success story.
Because even with a vulnerability like this, there are two other at least mitigating circumstances that would prevent you from being at risk from this.
Assuming you're following best practices, which you likely are if you're using a server in production in any kind of important capacity.
And yet they run that as a doomsday.
It's damaging.
It's bad.
And the only mitigating factor we have as a community
is that they are irrelevant.
That's the only mitigating factor we have.
If they had more traffic, if they mattered more,
this would be very bad.
It's reckless.
And SJVN should know better
He's been covering this stuff for forever
And if he doesn't have the pull with them to run better headlines than that
Then he should leave and start his own publication
And I'd love to see how that goes
It's ridiculous
And you know, I'm almost done
But I just gotta say, we have been publishing shows for over 13 years
And we have never, ever gone with a headline like that.
It is completely irresponsible.
It's so frustrating.
It really does upset me because it's not like commercial software,
where there's a company that has a big marketing department that can manage the PR disaster.
It gets in the mindsets of the open source community, and it results less contributions and it results in shit talk and it damages brands in a way that is totally unlike
any other industry. All right. End of rant. It just really, it does. It truly gets me upset.
So in speak, talking about branding there, just one little happy note at the end.
Interestingly, system D N spawn, not vulnerable.
little happy note at the end. Interestingly, systemdnspawn, not vulnerable.
I get some opensuse bell too. Now, this has been known for a little while. It sounds like wimpy.
Yeah. I mean, obviously these CVEs are, you know, dealt with under embargo. I was just having a quick look at when these fixes were applied and they've been applied for some weeks now. So
in Ubuntu and the other distributions,
you know, the unattended updates will have been rolling these patches out for weeks already.
That's the other thing that makes it completely a non-doomsday scenario,
is the patches are already available. Patches are good. They're out.
People have been working on it for a few weeks.
Not working on it for a few weeks. These patches have been applied for a few weeks. You know, this work was done further back than that. The patches have been
available and in the updates. So by today, there's been several weeks of you being able to get the
updates. So there you go. It's not, it's not even something that's like a large in the wild attack
that people are suffering from.
Not like our next story.
Our next story, this is a great security story.
This is my favorite kind of security story.
Trend Micro has been tracking this Corkerds or whatever.
Corkerds.
Yeah, it sounds like it.
I read it as Corknerds the first time.
And it is a clever piece of malware that removes all other malware and miners,
which is the most common kind of malware that Linux servers are getting these days,
from your system. It comes in on the first job one is clean your box up, which is hilarious to me. Upon further analysis, Trend Micro found that the script capable of deleting a number of known
Linux malware coin miners, and it would also make sure it closed
all connections to other miner services, ports, and pools. It then installed a cryptocurrency
mining malware itself, and it implants itself into the system and then uses crontab to survive
reboots and deletions. I love the crontab angle. Like, schedule yourself to restore yourself later after they find me.
It's kind of perfect for that, right?
Like, it's got a good clip here showing just a bunch of net stat and grep and awk commands.
So it's really like, you know, someone's just having fun at the terminal, cleaning your machine up a little.
And as compensation, maybe you can mine some coin for them.
Well, you think about it, right?
You don't want the machine busy mining other people's coins because that's going to slow down how much coin it mines for you.
So to maximize profits,
you've got to make sure the box that you're going onto is clean.
So that way all of its dedicated CPU or GPU can be for you.
How far do cryptocurrencies have to drop?
We were talking about this last week.
How far do they have to drop where we're not going to see this anymore,
where there'll be more profitable things to do with the hijacked CPU?
You know, I was thinking that could be a thing, but I think the issue is you've always got a new coin.
And so there's always like a bit of bubble for these new coins.
And if you can mine a few thousand of them pretty quickly across, say, you own 5,000 machines, and then you get all of them to generate 100 to 1,000
coins, and then you can sell them all, even if it's super, super cheap at that volume,
you could then convert it to Bitcoin and sell the Bitcoin. It's not like you, you know, even if
you're not mining a ton, you're not out anything because you're using other people's resources.
So that's one genie. The crypto miner genie is never going back in the bottle. Maybe. This might be one of the most persistent form of malware attacks we see for a long time.
I mean, we've been seeing more and more crypto mining malware for a while,
but one that removes other malware?
That's awesome.
That's so good.
And then schedules itself in crontab.
Yeah, right.
It digs deep. It gets its hooks in there it
wants to stay i mean when you put in that much work you've earned it yep yep yep all right anybody
in the mumble room on fedora right now as we record this episode hi all right neil why don't
you come in the fedora corner with us we're gonna go we're gonna go over the corner where the air is
a little fresher smells a little more free.
This is the Fedora Freedom Corner over here.
I like that.
Yeah, it's nice here.
The grass is greener sometimes.
And then you look over at the other camp,
and all of a sudden the grass looks greener again.
Now, there's a lot to talk about with Fedora this week.
Each individually, it's not huge.
But when you add it all up and you put Fedora in a corner, you've got a ton of stuff here.
And I think we should start with the one that most people are talking about is Fedora's new logo redesign.
I'm pointing this out to you because it is a fascinating study of what it is like to go through to design a logo, which we have been doing behind the scenes for all of our shows for, well, since October.
And it's a really valuable insight into this process and they right here far from just being an arbitrary
logo change this process is being undertaken to solve a number of issues encountered with the
current logo some of the issues with the current logo include the lack of a single color variant And they have samples of where they're going with it.
I think it looks pretty sharp.
But, of course, the eye is always in the beholder.
So you can check the link in there. But I want to just make
you aware of it. There's another thing brewing over in the Fedora camp that you may be somewhat
familiar with. We've touched on it once before on the show. And that is Fedora's attempt to come up
with a way to track the install base without being creepy in, you know, in any kind of overly aggressive ways
that might put off users. And there are several different ways you can do this. We've seen
Canonical strike a good balance with their system and Fedora wants to do something similar, but
implement it differently and maybe use some of their own built-in tools. Well, they just had
their weekly Fedora engineering and steering committee on Monday, I think, and they approved a sort of quote-unquote
sane approach for counting users, and that mostly is, okay, let's do it as long as we can do it in
a way that we're all satisfied with, which I guess is interesting. It's not the original UUID-driven
proposal that we originally covered. It's something different, perhaps some sort of DNF counting mechanism.
I suppose we'll see.
Not really sure on the details of how they're going to track.
Yeah, they say it relies upon a count me bit
that will be incremented weekly or so.
I guess they're just trying to see sort of liveness,
see how many installs will keep updating that bit
and are actually being installed out there.
I don't know.
Neil, what are your insights into this decision-making process and what the goals are?
Well, I mean, so the logo thing is pretty straightforward. You've already kind of
covered that. And for what it's worth, I was actually part, a little bit, a part of that
process as well, because one of the annoyances, to put it lightly, about the Fedora logo as it is,
and I love the Fedora logo. So like, it's. So it's not being a hater on it or anything.
But one of the annoyances was that
because it doesn't work in a monochrome environment very well,
we can't really use the Fedora logo
as the desktop environment boot up splash in KDE
because it looks like garbage when you do it that way.
Because when you invert the color scheme,
it just looks really bad.
And so we just use the stock KDE logo because of that.
Most distributions, because their logo has either been already refactored
to be single color like Kubuntu's was,
or has already got a simple form already,
and it already works well in a monochrome like Open susans does uh you know they didn't have this problem uh so that's been a that's been a
perennial issue for us on the with the with the branding side so i've kind of welcomed this change
and i've given my own feedback about like how it should evolve i think it's going pretty well on
that on that sense for the tracking change, well, not really tracking, but like the counting,
what it really comes down to is that nobody really has a clue about what stuff is being used.
And this has actually become a little bit more of a problem,
as Fedora has had more and more spins, additions, variants, and whatnot. And the thing is, you know, there's
a certain point where you start wondering if the effort is going anywhere meaningful.
And it doesn't matter whether it's a first class edition that's splashed on the front page,
or if it's a desktop spin that, you know, like five or 10 people are working together on
to kind of showcase their favorite desktop environment on their favorite distribution stack. You kind of want to know like how people are
receiving your content. And so you can help people who are interested in it to see it more and how
you can attract other people to kind of take a look at it. And you want to see like the growth
trajectory for those things. And that doesn't require knowing anything about anyone.
No, you just want numbers, right? You just want a way to know how popular things are, what version is getting used a bunch
or what software packages maybe would be nice, I would think, but it doesn't even sound like
they're going to get that. There's a couple of things about like knowing specific software being
installed that gets a little bit weird, but like knowing the variant that people are using. So in Fedora 30, the upcoming Fedora 30,
we've made it so that each deliverable image,
whatever, has its own unique identifier as a variant.
And so, for example, the Fedora container,
the base container, has a specialized variant ID.
So does the Fedora workstation.
So does the server.
So does the upcoming Fedora Core OS. So does the IoT edition workstation. So does the server. So does the upcoming Fedora core OS.
So does the IOT edition, so on and so forth. And we can use that information to identify like,
where, where are, where are we hitting the right notes and where are we like a little bit off key,
so to speak. And as we, we can fine tune and improve and like to help either broaden the
base or like dig into places where we're getting really successful or shore up where we're
really weak. Just,
just to make it like the experience better and stuff like that. I mean,
canonical and Sousa are both familiar with these practices cause they've done
it for years and years and years, um, in different ways, of course.
But like for them,
it has actually been a godsend because that's how they like the famous, you know, if you were around 10 or 15 years ago, like the famous paper cuts stuff
that Ubuntu did for successive releases to make GNOME not suck. That was a lot of research. And
that was a lot of like getting information from people and doing a little bit of counting and
tracking to identify what's going on.
Let me have Popey jump in here because he has thoughts on this thing too. You think it's an
interesting progression for Fedora as a project, Popey?
Yeah, because it's not just, I agree with Neil, it's not just about raw numbers
for things like installs. So one of the numbers that fledgling Linux distros like to throw around is the number of ISO downloads they have,
which is largely meaningless because you download an ISO image,
you chuck it on a USB key, you take it along to a Linux user group,
and you spread it around.
And, you know, is that one? Is that ten?
Or you download it, put it on a USB key, never use it.
Is that one or is that zero?
It's hard to know and what you really want to know is not how many people downloaded my thing but how many people are
weekly active users who how many people are actively using the thing that i made
and if that turns out to be zero then do you want to invest engineering time making that thing
whatever it is a piece of software, a platform, an ISO image,
whatever it might be,
and all the engineering effort that's invested in making the thing
and keeping the thing running and all the security updates
or the back-end services,
you've got to know whether that's worth doing.
And back when Will Cook wrote his email
about the proposal for having metrics,
it was all so that we could drive these decisions so we could decide do we want to make um significant investment in one project or
another and we need to know that you know we can't just base it on number of iso downloads because
that is an irrelevant number and doesn't really match. It doesn't tell us whether people are
running this in a VM or on real hardware. It doesn't tell us 32-bit or 64-bit. It tells us
nothing. So I think this is great. It's extra data that would enable the Fedora teams to focus
their attention on the stuff that matters to the significant number of users. It's great.
Yeah. Neil, do you think they would make the numbers public? And also,
do you think this is maybe useful when discussing the value of Fedora with IBM?
Well, okay. So first of all, this isn't even Fedora's first rodeo at doing this. We did this
back in, what was it, Fedora Core 5, 6. So we did this a long time ago when we were, we did it for a different
reason. So Popey alluded to like figuring out whether the thing was worth, you know, in putting
engineering effort into. So back in those days, the thing that we were looking at was making the
graphics stack not suck. So Adam Jackson and other, and other friends, you know, at, uh, you
know, in the, in the XOR space, you know, we used to have tooling
in Fedora built in and it would be activated optional, optionally activated during setup
to have records of your hardware profile and send it back to the Fedora project for figuring
out like what kind of hardware people are using.
And that was actually a big part of like how they originally focused on making things like AIGLX better, making the compositing stuff,
figuring out which hardware profiles they needed to make sure that worked the best,
and like which stuff actually sucked so bad that needed immediate attention.
That kind of stuff was invaluable for networking as well as in a number of other categories across the board.
We discontinued the program after a few years, but like that, that data really helped in that regard.
And in this case, now most of the hardware stuff's kind of not really a problem.
We already have a good idea of what people are using.
So we didn't we don't really need to revive that kind of thing. In this case, we're just trying to figure out, you know, how people
are using it on a sustained level, which variants of Fedora, how are they using it, what stuff
they're pulling. We have some idea through the mirror manager service that we run, that we have
the geologic ages of Fedora, as Matt Miller likes to say. And so like, we have some idea of like the
sustained rate of the cumulative downloads of Fedora content that includes ISOs, RPMs, metadata, the works.
But we don't have an idea of beyond like that, that morass of downloads.
We don't know like additions or any of those things.
So we know that Fedora is on the balance, getting more popular, being used more.
But we don't know where is the breakdown exactly. We can kind of
guess a little bit based on ISOs, but as Popey mentioned, that's basically a meaningless metric
for all the reasons he said and more. Do you think we can expect to see the project be public with
the numbers, but also be very clear and explicit about how they're handling the data? If you read
the messaging mailing list right now,
it seems like they're very, very aware that this is a sensitive issue
and they really have no intention
of storing data and information about people
and they want to design this thing
in such a way to do that.
But it seems like the challenge
is going to be communicating that to Fedora users.
Do you think they have a shot
of successfully doing that?
I mean, they kind of have to.
Like, so here's the most important aspect of it.
If they're not communicating that data and putting it up publicly, I mean, even the Fedora
contributors who are working on the things can't see it.
So it's going to be public because that's just the way we've rolled with this stuff.
We don't have the like.
So unlike some other distributions, like, for example, Ubuntu has the wonderful benefit
of having canonical spearheading a lot of the engineering stuff.
And OpenSUSE historically, though not less so currently, I heard the sad bell.
The OpenSUSE historically, but not currently, has had a lot of engineering driven from SUSE.
of engineering driven from SUSE. So in those particular scenarios, they have the advantage of like, it doesn't really matter too much if the data is publicized. For Fedora, the balance
of contributors is heavily weighted towards non-Red Hatters. And even within Red Hat,
they're most likely not going to be happy if the data was private. So it's most likely going to be
designed to be anonymized and designed to be public, similar to how the hardware tracking data was when we had
that years ago. Okay, well, let's keep moving. A couple other stories in the Fedora corner.
Fedora 30 is going to get bash 5.0, and Yum's death sentence is postponed to Fedora 31.
Fedora 31. And then last but not least, draft schedule is now available for Fedora 31,
and it looks like it's landing on time. After some discussion before the end of the year,
we've decided to not go with an extended development cycle for Fedora 31 after getting input from within the team on Fedora. The basic structure
of the Fedora 31 schedule is pretty much similar to the Fedora 30 schedule. Well, I think it was
off air, Neil, but you totally called this off air. I asked you, I said, do you think this Fedora 31
delay, essentially missing a release cycle, is going to happen? And you said, no, I don't think
it has a chance. What went wrong here? Because Matt came on the show and I think he made a pretty good case for retooling, taking some time to take care of themselves and look inward and self-love for a bit and then come back with a more efficient build process. And when I bounce that off you, you're like, doubt it. So why?
So why?
That's like the silliest way to describe this, but okay.
So what it really comes down to is that it doesn't make,
nothing happens unless there's a release target to go for, right?
So whether we want to sit back for a year and make something happen is sort of beside the point because there's no value in doing that work
if nothing is going to
come of it, like if nobody's going to see it. And quite frankly, historically speaking,
for big changes like this, they're almost impossible to plan beyond a quarter anyway.
Like once you go past three months, everything slips like crazy. It doesn't matter. So saying, okay, we're going to stop and just push back until like next year
for another release so we could retool.
Like in most cases,
almost all that stuff will slip so much
that Fedora 31, if it was like in next May
rather than in October,
that will slip
because nobody will have like nobody will
have taken it seriously enough to operate at their normal cadence and speed.
So it wasn't going to happen because, quite frankly, if somebody if you thought about
it enough, it would be ludicrous.
Like nothing in release engineering ever happens without a target.
Speaking of someone who does it professionally.
True.
If there is no target or no priority or no push for it, it's just not happening.
And then the end users are left with nothing while other distros are continuing to release.
Exactly.
And for Fedora, a big part of it is the continuous incremental innovation that we have by shipping basically on a regular cadence, working with the upstreams directly and being part of that process.
You take that part away, then what are we left with?
Okay, so we're a distribution that has no customizations on anything,
and we just ship a bunch of stuff,
and then eventually somebody gets it and they do stuff with it.
No, just no. You take away almost all of the value in how fedora operates and how it it
releases to people and how it's usually consumed so like if you take that part away then what's
the point well the other option is now you've got to fix the vehicle while it's in motion
fixing the vehicle while it's in motion implies that something is actually really broken
fact the matter is nothing's actually broken the thing, the things that they're wanting are, some of it is big stuff. I will, I will grant, but most of it is incremental
improvements or layers that are stacking on top of the system. Nobody has been proposing something
like what happened during, uh, in 2005 ish, when we decided that the build system we had prior, famously called Plague, yeah, I know.
Ouch.
Yeah.
Was replaced with Koji, a brand new build system built from scratch to deal with the problems that Fedora had.
And even in that case, we did delay Fedora's releases.
What happened was that the new build system, Koji, was being developed in parallel.
And then it was deployed, and then everything was swapped over.
That happened in 2007.
And then in 2009, we switched from CVS to Git.
Well, during that period, there was, I think, like a year and a half
where they were running in parallel, and CVS was regularly exporting into Git,
and we were checking how everything was working and blowing it away
and trying it again.
Like, the thing is that you can do these kinds of things in tandem if you really want to.
If you are really driven to be successful and make something big, then you can do it.
It's just a matter of like, do you care enough to make it happen?
And fired up.
Yeah.
Well, I mean, this has been one of those things where I get actually quite upset about because
it's an episode of us getting on our soapboxes about stuff.
I love it.
No, go ahead.
I already did mine.
Well, so like the thing is, the thing that I have counted on for the, oh God, 12 years
I've been using Fedora as a contributor and 15 years I've been using it as a user.
All of that has been the cadence, the new stuff, the integration, and really just the overall
quality and the development process has just been a big part of why I like using this distribution.
And the thing is, yes, most people use Ubuntu. They don't use Fedora. And even though that's
something that I wish was different, that is the way it is today. However, even the work we're all doing in Fedora still benefits people in OpenSUSE and Ubuntu and Debian and so on.
And if you take that part away, who's going to pick up the bag?
I don't actually know who would do it.
Your point is pretty well taken in the sense that they are filling a very important role in the open source desktop innovation space.
And they're pushing the ball forward.
It's not just the desktop though.
It's the server.
It's the cloud is the containers.
Like Fedora is one of the few distributions I'm aware of that actively
directly tests and integrates SVN snapshots of GCC and get snapshots of the
Linux kernel.
We do that and it runs in our environments and the entire Fedora Rawhide collection of packages is used as a regression test suite against GCC.
That is a big deal.
Well, let me tell you, I've been trying out Rawhide.
It is a rough ride for us end users that want to try it, though.
But it is a big deal because somebody's got to do it.
Right. So and the thing is, it's not even as scary as it was 10 years ago.
Most of the time, the shit's just working.
I don't know.
It broke on me.
Well, I didn't say it was always working.
I said most of the time.
So Fedora plays such an important role because the community tries its best to bring the best of Linux to everyone.
And at the same time, we try to make Linux, the Linux platform, the best it can be.
And we do it in a way that is transparent and, frankly, easy for everyone to be a part of.
And that's incredibly valuable to me.
Now, that is a hell of a Fedora Freedom Corner.
Boy, you got me all fired up about it now, Neil.
Boy, if you ever want to talk Fedora with Neil,
that is fascinating.
It's so much interesting when you think about it,
the critical role that they're really playing there.
And yet, I would say we probably don't have
a full picture of it as end users.
I think we know bits and pieces of it,
but it's pretty, I would really,
I still maintain it'd be really great
if somebody made a map, a visual map
of the different projects that they're either lead of or contributing to.
But Mr. Payne, you know what I'm getting excited about?
I think you finally found a new bell that you wanted to purchase to replace the OpenCC failed bell.
Oh, no, no, not yet.
That's an after show task for sure.
No, it's scale.
March, what is it?
Like the 7th through the 10th or something like that. It's a long event.
There's an UbiCon there too, I think early in the week, like on a Thursday. Anybody you know
going to that, Popey or Wimpy? Maybe. Maybe. We're trying to sort out the logistics because a lot of
us are traveling a lot at the moment, including trips to America. So we want to make sure we
spread the load around. Well, if you or someone you know makes it,
make sure you tell them about our Saturday night meetup.
We're going to do dinner with whoever wants to join us
at P.F. Chang's unless the group gets huge.
Then we may re-venue.
But we have plenty of time to adjust to.
It's going to be Saturday, March 9th.
Go to meetup.com slash jupiterbroadcasting.
We've got seven people joining us so far.
And a big thank you
to Maddie,
aka Geek Dad,
for setting up
the reservation
at P.F. Chang's for that.
I'm really looking forward
to scale.
I've already got plans.
Right now,
we're trying to figure out
where the hell to stay.
No kidding.
Elle suggested an Airbnb.
That's not a bad idea.
Plus, maybe you could bring
that Super Nintendo system
you got.
Oh, that'd be fun.
That'd be fun. That would be pretty good. Yeah. The only trouble is could bring that Super Nintendo system you got. Oh, that'd be fun. That'd be fun.
That would be pretty good.
Yeah.
The only trouble is like you have no idea what the audio acoustics are like.
So it makes it harder for podcasting.
Oh, yeah.
That's hard.
There's no rating, right?
You can't just see like rate by acoustic reflectivity.
That's right.
So they should, though.
Internet speeds and acoustics.
Those should be part of the reviews.
But I'm already setting aside Saturday morning.
I think it's morning, right, Elle?
You have a talk like pretty early on Saturday, early-ish, like 11-ish?
I'm right after the keynote Saturday morning.
Ooh, right after the keynote. Nice.
No pressure.
Do yourself a favor. Skip the keynote, get a nice breakfast,
and then you'll be ready to learn all about containers and what you need to know.
Yeah, that's a great title. Containers, what you need to know so you know
what you need to know. I had a lot of fun coming up with that one, but anyone who's tried to learn
something new can completely understand that sentiment. Oh, yeah. Yeah, you're right. Yeah,
that does make sense from that perspective. That looks good. In Ballroom B, Saturday, March 9th,
1130 to 1230.
Go catch Elle.
And something tells me that's probably where you're going to find Wes and I at that time, too.
Sure will.
Come join us.
Yeah.
All right.
Well, why don't we now move over to the land of OpenSUSA and the OpenSUSA Challenge.
I think it's wasted effort.
Elle, you've been running OpenSUSA now for a couple of weeks. You made the jump from
elementary OS challenge. Jason from the Choose Linux podcast, ChooseLinux.show,
and Ryder over at Forbes had a great idea of doing these distro challenges.
And everybody loves a challenge. Everybody loves a challenge and has gotten quite a bit of traction.
You've gotten wrapped up in it.
And I'm really fascinated to start with your take on the move from elementary and Pantheon, which is what I'm using right now, over to OpenSUSE and Plasma, which could not be more
polar opposite than elementary OS. How did that go? Yeah, I honestly, maybe it's because I don't
have a lot of history with either of them, but I didn't notice that big of a go? You know, I honestly, maybe it's because I don't have a lot of history with
either of them, but I didn't notice that big of a transition, you know, the appearance wise and,
you know, the ability to automatically shrink my windows, which I am one of those that likes that.
You know, that was, that was great, but I didn't really feel like there was a learning curve or
anything. Now the package package management system, though,
totally different. The installer, radically different than elementary OS. What about that
stuff? So that's where I've definitely, I don't want to say I've hit a wall because I've managed
to configure things. But, you know, I was having the conversation earlier with I don't even know
what repos I'm supposed to have because it feels like every time I go to install something or I try to
configure something, they are giving me three to four more repos that I need. And I'm not somebody
that just feels comfortable having 40 repos that I'm constantly updating and just trusting them
at face value. I think more people should be skeptical. So I encourage that behavior.
So you've been doing something really kind of clever. And that is you've been keeping a log of the software you've installed, the repos you've had to add, the printing woes
that you've run into, the issues with trying to get Slack working. You're posting all of this stuff
up on your GitHub repo. And this is all in there. And I'm going through like your app install
log right here. And you're right.
Like almost every single time you wanted to install an app,
with the exception of Git, it looks like,
you had to add a repo.
And it's pretty complicated commands to do it.
Did you try using the Discover graphical GUI to manage software?
So I did.
And this is where it might be user error.
It might just be being new. But I kept running into the issues of YAST versus Zipper. Zipper,
sorry. And I would run into issues where it says, OK, well, this graphical tool isn't configured to
actually be able to do this. You know, you need to go change these settings. And then I would look
it up online and everybody's like, oh, just install
it through the terminal. Like, why are you even bothering with that? So I got to the point where
I think I turned to you and Wes and said, why are these tools even included in the GUI if I'm just
supposed to know to go to the terminal? Yeah, it's like, just don't install them.
One of the issues that we ran into as well is with the rolling updates is having a thousand
plus packages that were pushed and
automatically getting the updates on Twitter. Don't do it through the GUI. Everything will
break. You'll have to re-kick. Unfortunately, I got that news after I'd already updated.
Right. Because you get the little pop-up down in the system tray and it says,
hey, there's updates available. So like, oh, OK, let me do that.
We just fixed this bug upstream in PackageKit. Like it just, oh my God.
What was the bug?
So here, there are actually two kind of bugs, but one of them is the one that bites most people.
So some backstory here.
Zipper, as everyone knows, is the package manager that OpenSUSE uses for its distribution, right?
It's an RPM-based package manager, uses a SAT solver similar to what DNF does.
similar to what DNF does. But one of the problems with Zipper is that, or not Zipper specifically,
but with the way OpenSUSE is using Zipper, is that there is a distinction with, in my opinion,
not much difference about how upgrades should be handled between Tumbleweed and Leap. Now,
PackageKit has no awareness of this difference, which makes this a problem because it does the wrong upgrade action every time.
And so what happens is that you get into a half-broken state because Zipper will hold back packages in a way that doesn't make any sense.
It won't process transfer, source changes, renames, certain things like that. And so your computer just gets into a weird state and everything is broken and you just have to use a Butterfest snapshot and roll back.
That's not good.
And so what we just fixed, I think it was, it just got merged into PackageKit
a couple of weeks ago, was a fix to change it so that when it detects
that it's going to, when it hits a package in the package selection that says,
okay, this is like what OpenSUSE calls a product upgrade,
like it's going from one tumbleweed snapshot to the next,
it changes the upgrade mode.
And so it automatically switches from doing a normal upgrade
to what it's called is a dist upgrade or distribution synchronization state.
And the distribution synchronization state takes all the packages,
whether it's upgrades, downgrades, reinstalls, whatever, from the server
and says, I don't care, they're getting applied on this computer.
And so that keeps the transaction state consistent
and should make future stuff work.
That should have been back-loaded into package kit in OpenSUSE Tumbleweed,
and that should be rolling out, hopefully hopefully this snapshot, maybe the next one.
Well, no, that was probably all included in the series of updates that Elle installed. So Elle,
what did you do to get out of the situation since you had already clicked upgrade? I assumed you
must have borked the system. So it was very interesting borking. If that's, I don't know,
that's got to be the weirdest sentence I've ever made. But I had things like resolve.conf, all of my name servers disappeared.
I have no idea why. Suddenly, if I suspended my laptop and I opened my lid backup, I could log
into the system without a password. I went ahead and filed a bug report or actually somebody filed
a bug report on my behalf as I found other users through Twitter that were experiencing the exact same issue.
And we were lucky that we were doing it together
because a few people were like,
oh, well, we set up Lux Encrypt
so we didn't think we needed a password anymore.
And this is what happens when you have people who are new
just trying to figure out a new technology
that honestly doesn't have the best documentation.
I found great documentation for Leap,
but Tumbleweed, I feel like I'm making
it up as I go along. I tried to system admin my way through it and fix issues. I went into the KDE,
I forget which configuration file it was, and actually found what was enabled and disabled it.
And in the end, I ended up deciding I no longer trusted my system and I didn't feel it was secure.
I ended up deciding I no longer trusted my system and I didn't feel it was secure. And so I just re-kicked again. Decided against just doing a rollback, but just do a reinstall. At that point,
probably not a bad idea. Now I want to take a moment and let Cubicle Nate jump in here because
there's a long time SUSE user, Cubicle Nate, the few things must be jumping out at you here.
Yeah, I'm actually jumping around right now. So most of those fixes could have been taken care of
if you actually just did, you know, sudo zippered up.
And that actually would have basically re-baselined your Tumbleweed install.
And you just keep rolling along, pun intended.
Okay, I'm going to just jump in here for a second right there.
So I think part of one of the things that I've picked up on is, and Elle, tell me if you think I'm wrong here, is it's almost always the answer of, well, you could have just done X and that would have solved it. But that stuff isn't necessarily
discoverable. And in some cases, it's not even what the UI may or may not be prompting you to
do. Like there may be text that says you to do it. But if there's a button that does something else,
that's a really mixed message to new users. You know, one of the things I ran into was
the little GUI popped up and said, hey, you have a thousand plus updates. I figured I'll just let this run overnight and it'll be
done when I get up in the morning. It wasn't until then that I was told about running the
Zip or Dup. And so you said I could have just done that. Would that be possible after the fact? I
mean, at that point I was already in. Yes, it would have been possible after the fact,
after you even screw up your system. Good to know. If you have a working terminal and internet
connection, you can pretty much recover any
tumbleweed install.
That's awesome.
Okay.
So that's good.
See, that's really good to know now.
And that's one of these things, like if you stick with it for a long time, over a few
months, you'll collect these little tools here and there, and then you'll be pretty
confident using the distro.
It's just some of these things take a bit of a learning curve.
Without a buddy system.
Yeah, right.
How are you going to know? You almost seem like an assigned mentor for the project who
will teach you all the tips and tricks you need to actually survive. Richard can only tweet so
many people. Yeah, exactly. I love OpenSUSE Tumbleweed as a rolling distribution. It's
actually one of the two major development environments that I use. I have a Fedora
and I have an OpenSUSE system. But but holy crap somebody needs to sit down and like
actually figure out what what things are the avenues that people are supposed to go and like
get people aren't supposed to second guess themselves on their own computers i do that
on my open suza system and i'm supposed to be an expert at this like if i'm second guessing
myself on how my system's supposed to work that's's probably not a great thing. And this is one of the reasons when the issue with PackageKit,
the contributor who fixed this, who made the patch to fix this,
I was actually talking to him about it before and I was like,
this is how we fixed it in the DNF backend.
And we can probably replicate this in the Zipper backend as well.
And so he went in and did it and I reviewed the patch for him.
We got the guy who maintains Zipper and OpenSUSE to take a look at the patch so he went in and like did it. And I reviewed the patch form. We got the guy
who maintains Zipper and OpenSUSE to like take a look at the patch and he went and looked and at
the end, some more fixes, then it got merged and hopefully next package kit that we find.
But like the end problem here is the desktop environment and the desktop user experience
is half broken because the tools that are part of the desktop environment
can't be trusted to work and that is right that is a major failing in my book and that's a you
know as much as i dislike the fact that fedora doesn't have like when you look at a fedora
desktop there isn't so much stuff that is uniquely fedora anymore in a in a desktop even on in gnome
or i completely agree but the stuff works because we've hammered the
crap out of it to make sure that all the integration points from the upstream projects
are actually working and somebody needs to you know give a good a hard look at how these things
are working in open susa and say okay we want these code paths to work we want these behaviors
to make sense we want people to you know we want them to have a true path to success here so that they can feel naturally able to use the
distribution. It shouldn't matter that Leap is the one that works and Tumbleweed is the one that
doesn't because it has, you know, a different upgrade mechanism that has to run. That should,
nobody should care about that. And I'm saying this as a person who cares about this deeply.
Nobody should care about that.
And the fact that you have to care is a problem.
That's kind of it.
That is kind of it.
I tried to run Leap to begin with before any of this started and ended up having issues
with what we found out later was my graphical card.
I read it as a kernel panic.
And when I tried to bring that up, I have it in my GitHub, but the OpenSUSE response was basically telling me I couldn't compare the two.
And really, I should have been using Tumbleweed to begin with.
When I'm thinking, wait, the driver issue should have been stable on Leap, not on Tumbleweed.
So it gets really confusing for a new end user.
So the fact that we've managed to spend this much time even talking about these different nuances is staggering because they literally don't exist on Ubuntu or Fedora.
And it makes a significant difference when people are coming into a system.
If you're like Cubicle Nate or if you're like Richard or even Neil and you have the time to spend six months to a year to a decade learning these tools inside and out.
You were there when Zipro was developed.
You were there the day that they rolled out ButterFS snapshots.
You grok all this stuff.
Then it's a fantastic distribution because there are some tools in that distro and there are applications that ship and pre-installed that other distros just simply don't install and just don't have at all. And so it's really unique. And I'm curious if that's enough, Al, to make you
want to stick with it, because I think Jason's going for a full month on his challenge. Where
are you at right now with that? So as of last Friday, I was already talking to Joe about what
the next challenge was going to be. If he had any insight through Choose Linux, kind of give me the little lowdown so I could go ahead and change.
But now knowing that it's going to be a month, I think I'm going to stick through it because as much of a headache as it's been,
it's rekindled my love for Linux and being able to troubleshoot and getting that high when you're actually able to figure something else out.
I don't know if I'd recommend it to someone else, but with a little bit of Linux background, I think I can do it.
Is your distribution working too well? Try OpenSUSE.
Oh, that is a bad, that's not fair. Like, even though I've been, even though I just
ragged on OpenSUSE for two very important points, that's not fair. For 90% of what
OpenSUSE delivers, it works really well. No, I get it. I think it's a
little bit unfair to say, you know, you could just use Ubuntu and you'll be okay. But I have to say,
part of the problem with this is if you're running a rolling release on a distro that doesn't have a
tremendously high number of desktop users, then when you discover an interesting
corner case bug, you may be the first one to hit it or one of tens of people who've hit it.
Whereas with that, I'm not trying to sell Ubuntu, but when you're running something like Ubuntu,
where there are millions of people doing it and the support channels are well known,
easily searchable, chances are when you hit a problem,
statistically, other people have seen it. Other people have asked the question and answered the
question online and you can find a solution. When I had a problem with OpenSUSE and it cracked
itself and I got a black screen on boot, I went into the support channels and it was cobwebs.
Nobody answered my question at all for hours and hours and hours. And that's
the problem is it's okay to have a technically excellent set of tools and awesome developers,
but you need support and you need users who are willing to help other users fix these problems.
And Elle found some wonderful people on Twitter to help her out, but you need more of them.
That's the problem.
Yeah, you need a network effect.
Right. And Fedora has that to a lesser extent than Ubuntu does. But like we have,
you know, we have an excellent network of people, many channels of where people can,
you know, reach out and get assistance with stuff like that. And that helps as well. And I think
that's one of the reasons why Fedora has been, you know, it's geologic ages, as Matt Miller calls it, has been actually growing taller with each Fedora release.
And I think that it's a good virtuous cycle of improvement there because you get these good
feedback from users who help each other and figure out like how to pinpoint problems and
they give you quality feedback that you can then turn around and do better development,
focused development and stuff like that.
Yeah, I mean, that is just one of the many benefits of the network effect.
Let me check in with our local network here.
Mr. Payne, did you walk away with any impressions trying it for a little bit?
I gave it a go on the server side.
I have some thoughts about that, but I know you tried it out on the desktop side.
I did, and Neil, I think you just, you said that very well. There are a lot of aspects that
they're just done differently in this ecosystem and it's kind of refreshing. It does make me
almost, when I was using Arch more, there was that feeling of, all right, well, it's the Wild
West and I got to figure my stuff out. But, and again, as El so eloquently said, it's exciting.
There's a rush. You get all that understanding. You try to figure things out.
So I actually had a lot of fun getting OpenSUSE set up.
I tried the network installer, which actually worked really well and was very straightforward.
There were a couple little gotchas around not being able to set up automatically if
I wanted snapshots enabled on the root FS, which I did.
But otherwise, it booted up really fast.
It was snappy.
And honestly, I thought it looked
pretty good. I mean, to be honest, it's the rolling distribution with the safety net,
which makes it a ton of fun to play around with. It's not really quite the right fit for me,
but I can really appreciate what does make it great. I had a few bumps when I tried to deploy
it on the server. I went kind of on a hunt. I was really hoping to find a custom image
on like the OpenSUSE
build service or something that I could upload to DigitalOcean and run it there. I didn't find one.
They do have a kind of like temporary version of the build service. If you go to build.openseuse.org,
you'll see what I'm talking about. It's like a placeholder right now where you can pull down
some template images for some cloud providers. You can get
SUSE Linux Enterprise Server or open SUSE Leap 42.3 for AWS, as an example. You can get Leap 15
as a Docker container. So there are some options, but I was really hoping, what I was hoping is
when I go to this page where I thought it'd would be great is like a click to deploy on Linode
or click to deploy on DigitalOcean.
And there's more providers now.
You can find it on Linode and a few other VPSs.
In fact, there is an OpenSUSE wiki page
that lists some of the different VPS providers and VM providers
that offer OpenSUSE now.
And the list is growing.
Linode, I think, is probably the most prominent.
And I found it to be pretty simple
if you just want to do it that method.
If you want to go download an ISO
and then upload it
to your cloud provider of choice.
I didn't really want to do much hosting
on something like that,
like on an AWS instance.
So it was mostly kick the tires
and remember how cool
NCURSES tools are.
If you want to check out
the challenges Elle has run into
along her way,
go check out the link
in the show notes, linuxunplugged.com slash 288, where she has documented all up on GitHub,
the problems, the repo of problems, as I called it. Good luck, Elle. I'm glad you're going to
stick with it. I hope by the end of it that you feel like having learned some of the tools,
end of it that you feel like having learned some of the tools that it's it's a usable thing for you um but if you move on nobody will blame you i ran suce enterprise linux for like six years on the
server across more than 100 servers and eventually migrated away from it so sometimes it works for
you for a while and it's time to move on um and no no big deal there's plenty of good linux out
there for everybody there's a linux for all of us that's plenty of good Linux out there for everybody. There's a Linux
for all of us. That's part of what makes distro hopping so much fun. Just before we run, how about
a couple of quick picks? You know, I love me the Markdown, Wes. So I found me, now that I'm all
about the GTK apps again, this is what happens is I swing between desktops and then I find these apps
as I switch back to like a GTK desktop and then I want to share it with everybody. And I found one called Uber Writer.
It's Uber for Markdown.
No, I just hate it when people say that.
So I just get someone delivered to my house who does all my writing for me?
How does that work?
Wouldn't that be great?
That would actually be, hmm, let's think about that.
No, it's just a nice little GTK Markdown writer called Uber Writer,
and it has some nice preview modes.
It has some code completion.
It has a focus mode.
It looks gorgeous.
The fonts are great.
All the things that you would expect from a modern Markdown editor.
It's definitely like,
it's one of the ones that I think Mac users would even drool at.
It's got math right there in it and a dark mode.
So sold.
Heck yeah.
You can find it.
It's at Uber writer.ider.github.io
or we'll have a link
in the show notes.
And then did you see
this last one that I found?
I'm on a roll, Wes,
with the picks again.
Are you noticing this?
Like I'm on a picks roll right now.
You've been killing it.
And really what you're doing
is bloating my hardware
so that I just don't have
any space left on my root partition.
Legitimately,
we had somebody email
into the program
and they were like,
do you guys uninstall all these things that you pick all the time, or do you just
let your install grow and grow?
For the most part, I just leave them
installed, really. Well, half the time, we really
like what we find, so what are you going to do?
Right, and then, you know, they're
small. Like this next one, how about this?
Solitaire on the command line.
Eh? Eh?
With VI key bindings,
no less, so you can actually get some work done
in it. Oh, so you're trapped in the solitaire.
Well, Chris is trapped in the solitaire.
Yeah. No, until they have
nano-terre,
it's not for me, definitely.
Wouldn't know what to do.
Wouldn't know how to get out.
See, this might be a way to gamify you
actually learning it. You know, the get out. See, this might be a way to gamify you actually learning it.
You know, the reality is,
like, you can't get away from it.
The only editor that I have managed
to truly and wholly avoid is Emacs.
Like, Vim just comes pre-installed on everything.
And sometimes, you know,
an assist admin's got to edit a config file.
You know what I'm saying?
And I don't got time to install Nano.
Or maybe I don't have network yet,
and maybe that's why I need my editor.
You're thinking about it wrong.
You're thinking, Chris, because Emacs is an operating system.
So you've been doing the text editing.
You need to switch OS over to the Emacs world.
And here I was thinking you were going to say
the only editor you've managed to avoid is Ed.
Yeah, no, no.
Used Ed before.
I've used Ed.
But Nano master race for me.
I'm all about the Nano.
I will live and die in Nano.
All right.
Links to everything we've talked about today
in the show notes.
Neil, where can people find more
of what you do online?
Maybe a Twiddle handle
or a Github or something like that?
Twitter is the main place
where you can get in touch with me.
I'm twitter.com slash D-E-T underscore Conan
underscore Kudo.
D-E-T short for detective.
And on GitHub, I am Conan underscore Kudo DT short for detective. Uh, and,
uh, on GitHub,
I am Conan dash Kudo,
um,
and get lab.
I'm Conan underscore Kudo.
It's basically some variation or permutation of that.
I have the same avatar almost everywhere.
Um,
and I'm in most of the Fedora development channels.
I'm on in many of the different IRC channels for your open suits.
I'm even in the snappy channels, flat channels for your open suits. I'm even in snappy channels,
flat pack channels,
wherever,
wherever the wind takes me.
He's everywhere.
He's everywhere.
Of course you can find Popey and Wimpy over at Ubuntu podcast.org.
Rumor has it.
There's a meetup soon with details posted over there.
And should we say it guys?
Are you ready?
Do you want to announce it?
Are we ready to out the good news about LinuxFest?
Yeah, you can say the words.
So excited.
I'm so excited.
It is official.
Popey and Wimpy will be at LinuxFest Northwest 2019.
Oh, yes.
That deserves it.
There you go.
That gets a real bell.
That gets a real bell right there.
Yeah, flights are booked.
And yeah, we're going to come and have some fun with you guys.
Get a hire car, maybe get a convertible and have a road trip.
I've been looking at the hire cars.
I've been looking at the bigger and bigger and bigger ones.
Might as well go big.
We're going to America.
We should do it properly, right?
Get the biggest truck we can find.
There you do it.
And you'll laugh as you fill it with gas.
You'll laugh.
Ha ha.
And you'll call it gas. You'll call it gas.
Going to scream yee-haw out the window as we fire our guns in the air.
That would be pretty good. I might even pay for the hire car for that.
I think you'd probably fit in if you rented an RV.
There you go. We'll go, what do you call it over there? Caravanning. We'll go caravanning. That'd be excellent.
Yep. caravanning. We'll go caravanning. That'd be excellent. Go get more Wes Payne. He's over at
techsnap.systems. A new revamped
TechSnap now with Jim Salter
from Ars Technica joining Wes
every other week.
And a deep dive on QoS is coming
up soon. I'm looking forward to that. So techsnap.systems
slash subscribe.
And what about the Twitter handle for you there, Wes?
You got one of those? Oh, I sure do.
Go find all the weird things I dredge up from the internet at Wes Payne.
Who knew? Who knew? Any great snow pictures? I feel like you'd be pretty good with the snow
pictures, Wes. Oh, yeah. Well, I got one of the barbecue here at the studio. And of course,
all the dogs covered in snow. Oh, I'll have to go look. I'll have to go make a trip over to old
Wes Payne Twitter. I'm over there, too, at ChrisLAS.
Join us on Telegram, jupiterbroadcasting.com slash telegram.
And don't forget about that scale meetup, meetup.com slash jupiterbroadcasting.
We do this here program on a Tuesday.
jupiterbroadcasting.com slash calendar is where you get that live time and date.
JBLive.tv is where you watch it.
And go find our mumumble Room, too.
See you next Tuesday! Well, let's go title the show, jbtitles.com.
Yeah, we're tired, exhausted, got all fired up for today's extra spicy episode, so please help us.
Wes, you didn't get on a soapbox.
Do you want a quick post-show soapbox about something?
You know, like a local issue or something to do with dogs?
Actually, I'm feeling pretty happy this week.
I think everything's going darn swell.
I could get you on a soapbox if I gave you a burger and 50 bucks.
I still don't think you'd step up on that soapbox.
Popey, have you got a soapbox to get on?
Yeah, come on, Popey.
No, they don't have big enough soapboxes here for me to break them.
We got big ones here in the States, though.